Towards Activity-Centric Access Control for Smart Collaborative Ecosystems

TL;DR

This paper introduces the concept of activity-centric access control (ACAC) for smart ecosystems, emphasizing the importance of managing device activities based on context, conditions, and relationships to enhance security and coordination.

Contribution

It proposes the initial concept and framework for activity-centric access control tailored for interconnected smart systems, addressing the need for context-aware permission management.

Findings

Identifies key factors influencing activity control decisions.

Proposes a preliminary approach for defining activity control expressions.

Highlights the importance of activity-based permissions in smart ecosystems.

Abstract

The ubiquitous presence of smart devices along with advancements in connectivity coupled with the elastic capabilities of cloud and edge systems have nurtured and revolutionized smart ecosystems. Intelligent, integrated cyber-physical systems offer increased productivity, safety, efficiency, speed and support for data driven applications beyond imagination just a decade ago. Since several connected devices work together as a coordinated unit to ensure efficiency and automation, the individual operations they perform are often reliant on each other. Therefore, it is important to control what functions or activities different devices can perform at a particular moment of time, and how they are related to each other. It is also important to consider additional factors such as conditions, obligation or mutability of activities, which are critical in deciding whether or not a device can perform a requested activity. In this paper, we take an initial step to propose and discuss the concept of Activity-Centric Access Control (ACAC) for smart and connected ecosystem. We discuss the notion of activity with respect to the collaborative and distributed yet integrated systems and identify the different entities involved along with the important factors to make an activity control decision. We outline a preliminary approach for defining activity control expressions which can be applied to different smart objects in the system. The main goal of this paper is to present the vision and need for the activity-centric approach for access control in connected smart systems, and foster discussion on the identified future research agenda.